/** * Adds a user in the user map * * @param user */ public void putUser(User user) { checkUserMap(); if (userMap.containsKey(user.getUsername())) throw new IllegalArgumentException( "The user " + user.getUsername() + " already exists"); else userMap.put(user.getUsername(), user); }
/** * Updates a user in the user map * * @param user */ public void setUser(User user) { checkUserMap(); if (userMap.containsKey(user.getUsername())) userMap.put(user.getUsername(), user); else throw new IllegalArgumentException( "The user " + user.getUsername() + " already exists"); }
public String extract(User u) { return "extracted-" + u.getUsername(); } }
String username = request.getParameter("username"); String password = hash(request.getParameter("password")); boolean remember = "true".equals(request.getParameter("remember")); User user = userDAO.find(username, password); if (user != null) { request.login(user.getUsername(), user.getPassword()); // Password should already be the hashed variant. request.getSession().setAttribute("user", user); if (remember) { String uuid = UUID.randomUUID().toString(); rememberDAO.save(uuid, user); addCookie(response, COOKIE_NAME, uuid, COOKIE_AGE); } else { rememberDAO.delete(user); removeCookie(response, COOKIE_NAME); } }
public User currentUser() { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth == null || auth instanceof AnonymousAuthenticationToken) { return null; } String email = ((org.springframework.security.core.userdetails.User) auth.getPrincipal()).getUsername(); return userRepository.findByEmail(email); }
/** * Stores the provided user map into a properties object * * @param userMap */ Properties storeUsersToProperties(Map<String, User> userMap) { Properties p = new Properties(); for (User user : userMap.values()) { p.setProperty(user.getUsername(), serializeUser(user)); } return p; }
private static final String SQL_EXIST = "SELECT * FROM users WHERE username=? AND password=?"; public boolean exist(User user) throws SQLException { boolean exist = false; try ( Connection connection = Database.getConnection(); PreparedStatement statement = connection.prepareStatement(SQL_EXIST); ) { statement.setString(1, user.getUsername()); statement.setString(2, user.getPassword()); try (ResultSet resultSet = preparedStatement.executeQuery()) { exist = resultSet.next(); } } return exist; }
public UserDetails loadUserByUsername(String name) { if (user != null && user.getUsername().equals(name)) { return user; } else { return null; } } });
@Test public void authenticateWhenPasswordEncoderAndSuccessThenSuccess() { this.manager.setPasswordEncoder(this.passwordEncoder); when(this.passwordEncoder.matches(any(), any())).thenReturn(true); User user = new User(this.username, this.password, AuthorityUtils.createAuthorityList("ROLE_USER")); when(this.repository.findByUsername(user.getUsername())).thenReturn(Mono.just(user)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( this.username, this.password); Authentication authentication = this.manager.authenticate(token).block(); assertThat(authentication).isEqualTo(authentication); }
@Test public void deserializeUserWithClassIdInAuthoritiesTest() throws IOException { User user = mapper.readValue(userJson(), User.class); assertThat(user).isNotNull(); assertThat(user.getUsername()).isEqualTo("admin"); assertThat(user.getPassword()).isEqualTo("1234"); assertThat(user.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); }
@Test public void deserializeUserWithNullPasswordNoAuthorityTest() throws Exception { String userJsonWithoutPasswordString = removeNode(userWithNoAuthoritiesJson(), mapper, "password"); User user = mapper.readValue(userJsonWithoutPasswordString, User.class); assertThat(user).isNotNull(); assertThat(user.getUsername()).isEqualTo("admin"); assertThat(user.getPassword()).isNull(); assertThat(user.getAuthorities()).isEmpty(); assertThat(user.isEnabled()).isEqualTo(true); }
@Test public void updateUserChangesDataCorrectlyAndClearsCacheWithLocking() { setUpAccLockingColumns(); insertJoe(); User newJoe = new User("joe", "newpassword", false, false, false, true, AuthorityUtils.createAuthorityList("D", "F", "E")); manager.updateUser(newJoe); UserDetails joe = manager.loadUserByUsername(newJoe.getUsername()); assertThat(joe).isEqualToComparingFieldByField(newJoe); assertThat(cache.getUserMap().containsKey(newJoe.getUsername())).isFalse(); }
@Test public void deserializeRememberMeAuthenticationTokenWithUserTest() throws IOException { RememberMeAuthenticationToken token = mapper .readValue(String.format(REMEMBERME_AUTH_JSON, "\"password\""), RememberMeAuthenticationToken.class); assertThat(token).isNotNull(); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("admin"); assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo("1234"); assertThat(((User) token.getPrincipal()).getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(((User) token.getPrincipal()).isEnabled()).isEqualTo(true); } }
@Test public void authenticateWhenPasswordEncoderAndFailThenFail() { this.manager.setPasswordEncoder(this.passwordEncoder); when(this.passwordEncoder.matches(any(), any())).thenReturn(false); User user = new User(this.username, this.password, AuthorityUtils.createAuthorityList("ROLE_USER")); when(this.repository.findByUsername(user.getUsername())).thenReturn(Mono.just(user)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( this.username, this.password); Mono<Authentication> authentication = this.manager.authenticate(token); StepVerifier .create(authentication) .expectError(BadCredentialsException.class) .verify(); } }
@Test public void withUserDetailsWhenAllEnabled() throws Exception { User expected = new User("rob", "pass", true, true, true, true, ROLE_12); UserDetails actual = User.withUserDetails(expected).build(); assertThat(actual.getUsername()).isEqualTo(expected.getUsername()); assertThat(actual.getPassword()).isEqualTo(expected.getPassword()); assertThat(actual.getAuthorities()).isEqualTo(expected.getAuthorities()); assertThat(actual.isAccountNonExpired()).isEqualTo(expected.isAccountNonExpired()); assertThat(actual.isAccountNonLocked()).isEqualTo(expected.isAccountNonLocked()); assertThat(actual.isCredentialsNonExpired()).isEqualTo(expected.isCredentialsNonExpired()); assertThat(actual.isEnabled()).isEqualTo(expected.isEnabled()); }
@Test public void withUserDetailsWhenAllDisabled() throws Exception { User expected = new User("rob", "pass", false, false, false, false, ROLE_12); UserDetails actual = User.withUserDetails(expected).build(); assertThat(actual.getUsername()).isEqualTo(expected.getUsername()); assertThat(actual.getPassword()).isEqualTo(expected.getPassword()); assertThat(actual.getAuthorities()).isEqualTo(expected.getAuthorities()); assertThat(actual.isAccountNonExpired()).isEqualTo(expected.isAccountNonExpired()); assertThat(actual.isAccountNonLocked()).isEqualTo(expected.isAccountNonLocked()); assertThat(actual.isCredentialsNonExpired()).isEqualTo(expected.isCredentialsNonExpired()); assertThat(actual.isEnabled()).isEqualTo(expected.isEnabled()); }
@Test public void serializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws JsonProcessingException, JSONException { User user = createDefaultUser(); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword(), user.getAuthorities()); String serializedJson = mapper.writeValueAsString(token); JSONAssert.assertEquals(AUTHENTICATED_STRINGPRINCIPAL_JSON, serializedJson, true); }
@Test public void deserializeCasAuthenticationTest() throws IOException, JSONException { CasAuthenticationToken token = mapper.readValue(CAS_TOKEN_JSON, CasAuthenticationToken.class); assertThat(token).isNotNull(); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("admin"); assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo("1234"); assertThat(token.getUserDetails()).isNotNull().isInstanceOf(User.class); assertThat(token.getAssertion()).isNotNull().isInstanceOf(AssertionImpl.class); assertThat(token.getKeyHash()).isEqualTo(KEY.hashCode()); assertThat(token.getUserDetails().getAuthorities()) .extracting(GrantedAuthority::getAuthority) .containsOnly("ROLE_USER"); assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(START_DATE); assertThat(token.getAssertion().getValidFromDate()).isEqualTo(START_DATE); assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(END_DATE); assertThat(token.getAssertion().getPrincipal().getName()).isEqualTo("assertName"); assertThat(token.getAssertion().getAttributes()).hasSize(0); }
@Test public void cacheOperationsAreSuccessful() throws Exception { SpringCacheBasedUserCache cache = new SpringCacheBasedUserCache(getCache()); // Check it gets stored in the cache cache.putUserInCache(getUser()); assertThat(getUser().getPassword()).isEqualTo(cache.getUserFromCache(getUser().getUsername()).getPassword()); // Check it gets removed from the cache cache.removeUserFromCache(getUser()); assertThat(cache.getUserFromCache(getUser().getUsername())).isNull(); // Check it doesn't return values for null or unknown users assertThat(cache.getUserFromCache(null)).isNull(); assertThat(cache.getUserFromCache("UNKNOWN_USER")).isNull(); }
@Test public void cacheOperationsAreSuccessful() throws Exception { EhCacheBasedUserCache cache = new EhCacheBasedUserCache(); cache.setCache(getCache()); cache.afterPropertiesSet(); // Check it gets stored in the cache cache.putUserInCache(getUser()); assertThat(getUser().getPassword()).isEqualTo(cache.getUserFromCache(getUser().getUsername()).getPassword()); // Check it gets removed from the cache cache.removeUserFromCache(getUser()); assertThat(cache.getUserFromCache(getUser().getUsername())).isNull(); // Check it doesn't return values for null or unknown users assertThat(cache.getUserFromCache(null)).isNull(); assertThat(cache.getUserFromCache("UNKNOWN_USER")).isNull(); }